ssl: refactoring CyaSSL_DH_compute_key to reduce stack usage:

--- variable pub moved to the heap (1024 bytes saved)
--- variable priv moved to the heap (1024 bytes saved)
This commit is contained in:
Moisés Guimarães 2014-09-12 13:50:01 -03:00
parent cab23472be
commit 6b7dbb9f2a

View File

@ -10571,51 +10571,59 @@ int CyaSSL_DH_generate_key(CYASSL_DH* dh)
int CyaSSL_DH_compute_key(unsigned char* key, CYASSL_BIGNUM* otherPub, int CyaSSL_DH_compute_key(unsigned char* key, CYASSL_BIGNUM* otherPub,
CYASSL_DH* dh) CYASSL_DH* dh)
{ {
unsigned char pub [1024]; int ret = 0;
unsigned char priv[1024]; word32 keySz = 0;
word32 pubSz = sizeof(pub); word32 pubSz = 1024;
word32 privSz = sizeof(priv); word32 privSz = 1024;
word32 keySz; #ifdef CYASSL_SMALL_STACK
unsigned char* pub = NULL;
unsigned char* priv = NULL;
#else
unsigned char pub [1024];
unsigned char priv[1024];
#endif
CYASSL_MSG("CyaSSL_DH_compute_key"); CYASSL_MSG("CyaSSL_DH_compute_key");
if (dh == NULL || dh->priv_key == NULL || otherPub == NULL) { #ifdef CYASSL_SMALL_STACK
pub = (unsigned char*)XMALLOC(pubSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (pub == NULL)
return ret;
priv = (unsigned char*)XMALLOC(privSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (priv == NULL) {
XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return 0;
}
#endif
if (dh == NULL || dh->priv_key == NULL || otherPub == NULL)
CYASSL_MSG("Bad function arguments"); CYASSL_MSG("Bad function arguments");
return 0; else if ((keySz = (word32)DH_size(dh)) == 0)
}
keySz = (word32)DH_size(dh);
if (keySz == 0) {
CYASSL_MSG("Bad DH_size"); CYASSL_MSG("Bad DH_size");
return 0; else if (CyaSSL_BN_bn2bin(dh->priv_key, NULL) > (int)privSz)
}
if (CyaSSL_BN_bn2bin(dh->priv_key, NULL) > (int)privSz) {
CYASSL_MSG("Bad priv internal size"); CYASSL_MSG("Bad priv internal size");
return 0; else if (CyaSSL_BN_bn2bin(otherPub, NULL) > (int)pubSz)
}
if (CyaSSL_BN_bn2bin(otherPub, NULL) > (int)pubSz) {
CYASSL_MSG("Bad otherPub size"); CYASSL_MSG("Bad otherPub size");
return 0; else {
privSz = CyaSSL_BN_bn2bin(dh->priv_key, priv);
pubSz = CyaSSL_BN_bn2bin(otherPub, pub);
if (privSz <= 0 || pubSz <= 0)
CYASSL_MSG("Bad BN2bin set");
else if (DhAgree((DhKey*)dh->internal, key, &keySz, priv, privSz, pub,
pubSz) < 0)
CYASSL_MSG("DhAgree failed");
else
ret = (int)keySz;
} }
privSz = CyaSSL_BN_bn2bin(dh->priv_key, priv); #ifdef CYASSL_SMALL_STACK
pubSz = CyaSSL_BN_bn2bin(otherPub, pub); XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(priv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
if (privSz <= 0 || pubSz <= 0) { return ret;
CYASSL_MSG("Bad BN2bin set");
return 0;
}
if (DhAgree((DhKey*)dh->internal, key, &keySz, priv, privSz, pub,
pubSz) < 0) {
CYASSL_MSG("DhAgree failed");
return 0;
}
CYASSL_MSG("CyaSSL_compute_key success");
return (int)keySz;
} }
#endif /* NO_DH */ #endif /* NO_DH */